digitickets / terraform-aws-cli

Run the AWS CLI, with the ability to run under an assumed role, to access resources and properties missing from the Terraform AWS Provider.

Would love a "trigger" field #7

Closed sarasensible closed 6 months ago

sarasensible commented 10 months ago

Trying to use the result in a for_each and Terraform errors out because the value isn't known until apply. If we had a "trigger" field I could specify when I want the value to be updated.

module "resource_record_sets" {
  source            = "digitickets/cli/aws"
  version           = "v5.0.4"
  trigger           = data.aws_route53_zone.this.resource_record_set_count # <-- this would be great
  assume_role_arn   = "arn:aws:iam::${var.dev_account}:role/Administrator"
  role_session_name = "GettingResourceRecordSetsFor${var.env}"
  aws_cli_commands  = ["route53", "list-resource-record-sets", "--hosted-zone-id", data.aws_route53_zone.this.id]
  aws_cli_query     = "ResourceRecordSets[?ResourceRecords[0].Value==`${data.kubernetes_service.ingress-nginx-svc.status.0.load_balancer.0.ingress.0.hostname}`].Name"
}

By the way this is a workaround for https://github.com/hashicorp/terraform-provider-aws/issues/27851

sarasensible commented 10 months ago

Looking at the external data module provided by Terraform, I don't think this is achievable, since a trigger is only on the null resource, not the external program. I worked around it with a targeted apply.

rquadling commented 6 months ago

Interestingly, the main use for this module was to get the current number of EC2s running in an ASG, and use that value for the new replacement ASG. That may have been doable within Terraform already, but at the time, it was all fine and we're still using it for that purpose.

Our TF plan output shows the current values ...

      ~ desired_capacity                 = 5 -> 9

rather than the (known after apply) thing that normally happens ... when it shouldn't.

The latest version of this module has been released and requires Terraform 1.6.0. The CHANGELOG covers the upgrade information (it's the first time there's a BC so not sure where else that would need to go).

rquadling commented 6 months ago

Just reading about triggers ... https://medium.com/@thiagoalves/a-reason-to-stop-using-the-terraform-null-resource-51180b2339 ... this is the first time I've seen the use of triggers.

I am unsure they would fulfil the requirement though.

rquadling commented 6 months ago

So. I've read a bit more on your https://github.com/hashicorp/terraform-provider-aws/issues/27851.

I took your requirement and used it in my repos and it produced a plan that wants to add 11 resources.

Hopefully the code below will make sense. The issue you may be having could be related to the version of Terraform.

# Adjust this as you need.
data "aws_route53_zone" "this" {
  name         = format("%s.aws", var.env)
  private_zone = true
}

module "resource_record_sets" {
  source            = "digitickets/cli/aws"
  version           = "~> 6.0"
  assume_role_arn   = "arn:aws:iam::${var.dev_account}:role/Administrator"
  role_session_name = "GettingResourceRecordSetsFor${var.env}"
  aws_cli_commands  = ["route53", "list-resource-record-sets", "--hosted-zone-id", data.aws_route53_zone.this.id]
  aws_cli_query     = "ResourceRecordSets[?ResourceRecords[0].Value==`${data.kubernetes_service.ingress-nginx-svc.status.0.load_balancer.0.ingress.0.hostname}`].Name"
}

resource "aws_route53_health_check" "checker" {
  for_each          = zipmap(module.resource_record_sets.result, module.resource_record_sets.result)
  fqdn              = each.value
  port              = 80
  type              = "HTTP"
  resource_path     = "/"
  failure_threshold = "5"
  request_interval  = "30"
}

output "record_sets" {
  value = module.resource_record_sets.result
}

I copied the example aws_route53_health_check from the TF Docs. I've not run the apply, but as this is plan output, it should all be fine.

rquadling commented 6 months ago

As this issue had already been closed, re-closing.
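
Added example, not part of the thread or of the module's code: a check on the JSON form of a plan (`terraform show -json <planfile>`) that lists the attributes Terraform marks under `after_unknown` (the "(known after apply)" values discussed above) and the data sources whose read is deferred to apply. The sample plan, its resource addresses and the function names are constructed for illustration.

```python
import json
import sys

# Constructed sample in the shape of `terraform show -json` output, trimmed to
# the fields used here. Addresses and values are made up for this example.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "aws_autoscaling_group.new", "mode": "managed",
     "change": {"actions": ["update"], "after_unknown": {}}},
    {"address": "data.external.lookup", "mode": "data",
     "change": {"actions": ["read"], "after_unknown": {"result": True}}},
    {"address": 'aws_route53_health_check.checker["a.example.aws."]',
     "mode": "managed",
     "change": {"actions": ["create"],
                "after_unknown": {"id": True, "arn": True}}},
]}


def unknown_paths(node, prefix=""):
    """Yield attribute paths that after_unknown marks as known only after apply."""
    if node is True:
        yield prefix
    elif isinstance(node, dict):
        for key, value in node.items():
            yield from unknown_paths(value, f"{prefix}.{key}" if prefix else key)
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from unknown_paths(value, f"{prefix}[{index}]")


def plan_unknowns(plan):
    """Return (deferred data source reads, {address: [unknown attribute paths]})."""
    deferred, unknowns = [], {}
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        # A data source listed with a "read" action is read during apply,
        # so anything derived from it is unknown while planning.
        if rc.get("mode") == "data" and "read" in change.get("actions", []):
            deferred.append(rc["address"])
        paths = sorted(unknown_paths(change.get("after_unknown", {})))
        if paths:
            unknowns[rc["address"]] = paths
    return deferred, unknowns


if __name__ == "__main__":
    # Pass a file holding `terraform show -json` output, or run on the sample.
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    deferred, unknowns = plan_unknowns(plan)
    for address in deferred:
        print("data source read deferred to apply:", address)
    for address, paths in unknowns.items():
        print(f"{address}: unknown until apply -> {', '.join(paths)}")
```
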